Automated Teller Machine (ATM) is commonly used nowadays because of its
convenience and efficiency. However, it is subjected to several attacks such
as password guessing attacks and over-the-shoulder attacks. Attackers pose
a threat to account authenticity and financial loss by copying magnetic
information of ATM cards. Two-factor authentication is proposed against the
fraud. Nevertheless, many two-factor authentication solutions nowadays
require extra layer as a barrier, for example, a physical token. These solutions
have weaknesses like high cost and difficulty to be implemented.
This project aims to provide a simple system model without extra computer
devices to perform two-factor authentication. A second authentication is
added to the ATM system using visual cryptography proposed by Naor and
Shamir. Every user of the new system should have a special ATM card, which
is printed with a decoding mask (a transparent scrambled image). When ATM
monitor displays an encrypted image in the second authentication, user
should overlay his card onto it and input password decrypted for verification.
This solution has advantages such as high adaptability, low cost, low weight
and convenience.
Another function “Dynamic Keypad” is also proposed in this project. A
dynamic keypad is presented for PIN input in first authentication. It helps to
remedy security fraud of nearby camera and over-the-shoulder attacks. The
function is optional for user’s preference.